Response.Write

[Toby Boogerd]

Below I note that my response.write is adding spaces after the characters. I
use this code as Middleware, an application calls this page passing the
LogonID and the page is suppose to returen the password from the database.
It does but then when I open the file where I save this i notice I have
extra spaces after the password? Is there a better way to pass this data
back to my app?

<%@ Import Namespace="System.Data.SqlClient" %>
<%@ Import Namespace="System.Data" %>
<%

Dim conMMTMP As SqlConnection
Dim cmdSelect As SqlCommand
dim parmPassword As SqlParameter

conMMTMP = New SqlConnection(
"server=localhost;UID=sa;PWD=1amINIT2;database=mmtmp")
cmdSelect = New SqlCommand( "GetParam" , conMMTMP)
cmdSelect.CommandType = CommandType.StoredProcedure

cmdSelect.Parameters.Add( "@LogonID", Request.Querystring("LogonID"))

parmPassword = cmdSelect.Parameters.Add("@passwd", SqlDbType.Varchar)
parmPassword.Size = 40
parmPassword.Direction = ParameterDirection.Output

conMMTMP.Open()
cmdSelect.ExecuteNonQuery()

'Some reason it adds 12 spaces after the password!
response.write(cmdSelect.Parameters("@passwd").value)

conMMTMP.Close()
%>

 

[Paul King]

Can I just add that in future, you don't include your Connection String
details (which include your Username and Password) - this could compromise
your security.

If you need to explain the connection string on this newsgroup then use
dummy data or something like UID={username}; PWD={password}

Regards
Paul.

 

[Craig Deelsnyder]

Below I note that my response.write is adding spaces after the characters. I
use this code as Middleware, an application calls this page passing the
LogonID and the page is suppose to returen the password from the database.
It does but then when I open the file where I save this i notice I have
extra spaces after the password? Is there a better way to pass this data
back to my app?

<%@ Import Namespace="System.Data.SqlClient" %>
<%@ Import Namespace="System.Data" %>
<%

Dim conMMTMP As SqlConnection
Dim cmdSelect As SqlCommand
dim parmPassword As SqlParameter

conMMTMP = New SqlConnection(
"server=localhost;UID=sa;PWD=1amINIT2;database=mmtmp")
cmdSelect = New SqlCommand( "GetParam" , conMMTMP)
cmdSelect.CommandType = CommandType.StoredProcedure

cmdSelect.Parameters.Add( "@LogonID", Request.Querystring("LogonID"))

parmPassword = cmdSelect.Parameters.Add("@passwd", SqlDbType.Varchar)
parmPassword.Size = 40
parmPassword.Direction = ParameterDirection.Output

conMMTMP.Open()
cmdSelect.ExecuteNonQuery()

'Some reason it adds 12 spaces after the password!
response.write(cmdSelect.Parameters("@passwd").value)

conMMTMP.Close()
%>

are you sure that the password column in the database is defined
correctly? As a varchar? That could be padding it (or the sproc
itself), run the sproc in Query Analyzer and see if it's padded. Then
you can tell if it's in the code or the DB side.

If that isn't the case, try removing the .Size=40 line. Don't know if
that would cause this....

What does it look like in your debugger? Look at
cmdSelect.Parameters("@passwd").value in debug mode and see if it's
padded there....

Also, what does it mean 'file where I save this notice'...are you
writing something to file? Where and how is that setup?

 

[Toby Boogerd]

It seems my database is padding. I changed the type to char(8) and it still
pads it for example password=bcc it puts bcc with 5 spaces
If I take parPassword.Size = 8 out then my code doesn't work i get an error
saying @passwd is 0
How can I set this up so it doens't pad?

 

[Craig Deelsnyder]

It seems my database is padding. I changed the type to char(8) and it still
pads it for example password=bcc it puts bcc with 5 spaces
If I take parPassword.Size = 8 out then my code doesn't work i get an error
saying @passwd is 0
How can I set this up so it doens't pad?


characters. I

database.

are you sure that the password column in the database is defined
correctly? As a varchar? That could be padding it (or the sproc
itself), run the sproc in Query Analyzer and see if it's padded. Then
you can tell if it's in the code or the DB side.

If that isn't the case, try removing the .Size=40 line. Don't know if
that would cause this....

What does it look like in your debugger? Look at
cmdSelect.Parameters("@passwd").value in debug mode and see if it's
padded there....

Also, what does it mean 'file where I save this notice'...are you
writing something to file? Where and how is that setup?

use varchar(8) (or whatever size you need) instead...using a char type,
the database always allocates that number of spaces for that column, and
will pad values as they're inserted. a varchar type says 'this is the
max number needed' and the database only uses what's needed (doesn't
pad). usually varchar is better for this reason, unless you know
something will always be '2 chars' for example (like a non-nullable
state code).